Transaction assessment and/or authentication

US 9,471,920 B2
Filed: 05/10/2010
Issued: 10/18/2016
Est. Priority Date: 05/15/2009
Status: Active Grant

First Claim

Patent Images

1. An authentication system for electronic transactions occurring over a computerized network, the system comprising:

a transaction authentication system interface operatively coupled to the computerized network for receiving proposed transaction information over the computerized network;

a user information database; and

a transaction authentication tool, operatively coupled to the transaction authentication system interface and to the user information database and configured to perform the steps of;

receiving, from the transaction authentication system interface, a request to utilize a payment instrument in a transaction;

receiving, from the transaction authentication system interface, information pertaining to the payment instrument, information pertaining to a user computer system used to initiate the transaction, and a collected electronic signature representation of a user including attributes associated with the user computer system; and

determining, by the transaction authentication tool, an indication of (a) a match score between the collected electronic signature representation of the user associated with the user computer system and an electronic signature stored in the user information database to establish a user identity, (b) whether the payment instrument matches a payment instrument stored in the user information database, (c) whether the user computer system matches a computer identification stored in the user information database, (d) whether the user identity, the user computer system and the payment instrument have been previously used together, and (e) whether the user identity, the user computer system and the payment instrument all have transaction reputations of a predetermined category;

transmitting by the transaction authentication tool;

(w) an indication that the transaction be rejected if the transaction authentication tool determines that the at least one of the user identity, the user computer system and the payment instrument does not have transaction reputations of the predetermined category,(x) an indication that the transaction be subject to scrutiny of a first predetermined level if the authentication transaction tool determines thatthe match score is above a threshold,the payment instrument matches a payment instrument stored in the user information database,the user computer system matches a computer identification stored in the user information database,the user identity, the user computer system and the payment instrument have been previously used together, andthe user identity, the user computer system and the payment instrument all have transaction reputations of the predetermined category,(y) an indication that the transaction be subject to scrutiny of the first predetermined level if the authentication transaction tool determines thatthe match score is below the threshold,the payment instrument matches a payment instrument stored in the user information database,the user computer system matches a computer identification stored in the user information database,the user identity, the user computer system and the payment instrument have been previously used together, andthe user identity, the user computer system and the payment instrument all have transaction reputations of the predetermined category, and(z) an indication that the transaction be subject to scrutiny of a second predetermined level if none of (w), (x) and (y) are satisfied;

wherein electronic signatures collected and stored in the user information database include at least one of;

browser fingerprint attributes associated with an individual'"'"'s browser, the browser fingerprint attributes including two or more attributes taken from the group consisting of;

(i) operating system identity,(ii) screen resolution,(iii) software plug-ins,(iv) time zone,(v) system language,(vi) information pertaining to whether Java is enabled,(vii) information pertaining to whether cookies are enabled,(viii) information pertaining to sites visited by a user'"'"'s computer, and(ix) information pertaining to social network friends of a user; and

computer fingerprint attributes associated with an individual'"'"'s computer, the computer fingerprint attributes including a plurality of attributes taken from the group consisting of;

(i) processor characteristics,(ii) machine memory size,(iii) values loaded at predetermined locations in the individual'"'"'s computer,(iv) values loaded into a registry in an operating system of the individual'"'"'s computer,(v) Ethernet MAC address,(vi) network information,(vii) programs loaded onto the individual'"'"'s computer, and(viii) log files in the individual'"'"'s computer.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for assessing and authenticating transactions are disclosed. Some exemplary embodiments may authenticate transactions based at least in part on a comparison of a newly obtained electronic signature associated with a user with a previously obtained electronic signature associated with the user, where a payment instrument presented for use in the transaction is also associated with the user. Exemplary electronic signatures may comprise any information which may identify the user, such as browser fingerprints, computer fingerprints, IP addresses, geographic IP location information, information associated with a payment, and/or a typing patterns.

80 Citations

View as Search Results

7 Claims

1. An authentication system for electronic transactions occurring over a computerized network, the system comprising:
- a transaction authentication system interface operatively coupled to the computerized network for receiving proposed transaction information over the computerized network;
  
  a user information database; and
  
  a transaction authentication tool, operatively coupled to the transaction authentication system interface and to the user information database and configured to perform the steps of;
  
  receiving, from the transaction authentication system interface, a request to utilize a payment instrument in a transaction;
  
  receiving, from the transaction authentication system interface, information pertaining to the payment instrument, information pertaining to a user computer system used to initiate the transaction, and a collected electronic signature representation of a user including attributes associated with the user computer system; and
  
  determining, by the transaction authentication tool, an indication of (a) a match score between the collected electronic signature representation of the user associated with the user computer system and an electronic signature stored in the user information database to establish a user identity, (b) whether the payment instrument matches a payment instrument stored in the user information database, (c) whether the user computer system matches a computer identification stored in the user information database, (d) whether the user identity, the user computer system and the payment instrument have been previously used together, and (e) whether the user identity, the user computer system and the payment instrument all have transaction reputations of a predetermined category;
  
  transmitting by the transaction authentication tool;
  
  (w) an indication that the transaction be rejected if the transaction authentication tool determines that the at least one of the user identity, the user computer system and the payment instrument does not have transaction reputations of the predetermined category,(x) an indication that the transaction be subject to scrutiny of a first predetermined level if the authentication transaction tool determines thatthe match score is above a threshold,the payment instrument matches a payment instrument stored in the user information database,the user computer system matches a computer identification stored in the user information database,the user identity, the user computer system and the payment instrument have been previously used together, andthe user identity, the user computer system and the payment instrument all have transaction reputations of the predetermined category,(y) an indication that the transaction be subject to scrutiny of the first predetermined level if the authentication transaction tool determines thatthe match score is below the threshold,the payment instrument matches a payment instrument stored in the user information database,the user computer system matches a computer identification stored in the user information database,the user identity, the user computer system and the payment instrument have been previously used together, andthe user identity, the user computer system and the payment instrument all have transaction reputations of the predetermined category, and(z) an indication that the transaction be subject to scrutiny of a second predetermined level if none of (w), (x) and (y) are satisfied;
  
  wherein electronic signatures collected and stored in the user information database include at least one of;
  
  browser fingerprint attributes associated with an individual'"'"'s browser, the browser fingerprint attributes including two or more attributes taken from the group consisting of;
  
  (i) operating system identity,(ii) screen resolution,(iii) software plug-ins,(iv) time zone,(v) system language,(vi) information pertaining to whether Java is enabled,(vii) information pertaining to whether cookies are enabled,(viii) information pertaining to sites visited by a user'"'"'s computer, and(ix) information pertaining to social network friends of a user; and
  
  computer fingerprint attributes associated with an individual'"'"'s computer, the computer fingerprint attributes including a plurality of attributes taken from the group consisting of;
  
  (i) processor characteristics,(ii) machine memory size,(iii) values loaded at predetermined locations in the individual'"'"'s computer,(iv) values loaded into a registry in an operating system of the individual'"'"'s computer,(v) Ethernet MAC address,(vi) network information,(vii) programs loaded onto the individual'"'"'s computer, and(viii) log files in the individual'"'"'s computer.

2. An authentication system for electronic transactions occurring over a computerized network, the system comprising:
- a transaction authentication system interface operatively coupled to the computerized network for receiving proposed transaction information and additional computer network information over the computerized network, the additional computer network information being collected by at least one of a computer cookie and an application programming interface stored on a computer initiating the proposed transaction information;
  
  at least one electronic storage device containing a user information database; and
  
  a transaction authentication tool, operatively coupled to the transaction authentication system interface and to the user information database and configured to perform the steps of;
  
  storing a first electronic signature representation of a first user in the user information database, the first electronic signature including a plurality of attributes associated with the first user'"'"'s identity collected in connection with a prior transaction associated with a first entity taken from the group consisting of a first merchant, a first bank and a first payment processor;
  
  associating the first electronic signature with a payment instrument utilized in the prior transaction;
  
  receiving from the transaction authentication system interface a second electronic signature representation of a second user in connection with a proposed transaction utilizing a payment instrument, the second electronic signature including a plurality of attributes associated with the second user'"'"'s identity collected in connection with the proposed transaction associated with a second entity, different than the first entity, taken from the group consisting of a second merchant, a second bank and a second payment processor;
  
  determining whether the second electronic signature correlates with the first electronic signature by comparing the second electronic signature with the first electronic signature to determine the identity of the second user relative to the first user; and
  
  determining whether the proposed transaction is authorized based upon establishing the identity of the second user relative to the first user;
  
  wherein the plurality of attributes associated with the first user'"'"'s identity and the plurality of attributes associated with the second user'"'"'s identity include;
  
  browser fingerprint attributes associated with an individual'"'"'s browser, the browser fingerprint attributes including two or more attributes taken from the group consisting of (i) operating system identity, (ii) screen resolution, (iii) software plug-ins, (iv) time zone, (v) system language, (vi) information pertaining to whether Java is enabled, (vii) information pertaining to whether cookies are enabled, (viii) information pertaining to sites visited by a user'"'"'s computer, and (ix) information pertaining to social network friends of a user; and
  
  computer fingerprint attributes associated with an individual'"'"'s computer, the computer fingerprint attributes including two or more attributes taken from the group consisting of (i) processor characteristics, (ii) machine memory size, (iii) values loaded at predetermined locations in the individual'"'"'s computer, (iv) values loaded into a registry in an operating system of the individual'"'"'s computer, (v) Ethernet MAC address, (vi) network information, (vii) programs loaded onto the individual'"'"'s computer, and (viii) log files in the individual'"'"'s computer;
  
  wherein comparing the second electronic signature with the first electronic signature includes comparing individual attributes collected in connection with the proposed transaction to corresponding ones of the plurality of attributes collected in connection with the prior transaction so as to determine whether or not the identity of the user represented by the first electronic signature is the same as that performing the proposed transaction;
  
  wherein determining whether the second electronic signature correlates with the first electronic signature is based at least in part upon a trust score calculated using a weighted consideration of at least some of the plurality of attributes collected in connection with the prior transaction;
  
  wherein the weighted consideration includes calculating the trust score based at least in part upon matching attributes, non-matching attributes, and attributes not compared;
  
  wherein the trust score is calculated using the following equation;
  
  (matchWeight²−
  
  (missWeight*2)−
  
  notInRequest)*1000/maxPossible²whereinmatchWeight corresponds to a sum of weights of all the matching attributes,missWeight corresponds to a sum of weights of all the non-matching attributes,notInRequest corresponds to a sum of weights of all the attributes not compared, andmaxPossible corresponds to a sum of the weights of all the matching attributes, non-matching attributes and attributes not compared.

3. An authentication system for electronic transactions occurring over a computerized network, the system comprising:
- a transaction authentication system interface operatively coupled to the computerized network for receiving proposed transaction information over the computerized network;
  
  a user information database; and
  
  a transaction authentication tool, operatively coupled to the transaction authentication system interface and to the user information database and configured to perform the steps of;
  
  receiving a received electronic signature representation of a user from the transaction authentication system interface, the received electronic signature including a plurality of received attributes associated with a user'"'"'s identity and associated with a first entity taken from the group consisting of a first merchant, a first bank and a first payment processor;
  
  receiving information pertaining to a proposed transaction associated with the received electronic signature; and
  
  determining whether the received electronic signature correlates with any of a plurality of electronic signatures stored in the user information database by comparing the plurality of received attributes of the received electronic signature to a plurality of stored attributes associated with the plurality of stored electronic signatures;
  
  wherein at least one of the plurality of stored electronic signatures are associated with a second entity, different from the first entity, taken from the group consisting of a second merchant, a second bank and a second payment processor;
  
  wherein the plurality of received attributes and the plurality of stored attributes include;
  
  browser fingerprint attributes associated with an individual'"'"'s browser, the browser fingerprint attributes including two or more attributes taken from the group consisting of (i) operating system identity, (ii) screen resolution, (iii) software plug-ins, (iv) time zone, (v) system language, (vi) information pertaining to whether Java is enabled, (vii) information pertaining to cookies are enabled, (viii) information pertaining to sites visited by a user'"'"'s computer, and (ix) information pertaining to social network friends of a user; and
  
  computer fingerprint attributes associated with an individual'"'"'s computer, the computer fingerprint attributes including a plurality of attributes taken from the group consisting of (i) processor characteristics, (ii) machine memory size, (iii) values loaded at predetermined locations in the individual'"'"'s computer, (iv) values loaded into a registry in an operating system of the individual'"'"'s computer, (v) Ethernet MAC address, (vi) network information, (vii) programs loaded onto the individual'"'"'s computer, and (viii) log files in the individual'"'"'s computer;
  
  wherein determining whether the received electronic signature correlates with any of the plurality of stored electronic signatures includes determining which ones of the plurality of received attributes match stored attributes associated with individual stored electronic signatures;
  
  wherein determining whether the received electronic signature correlates with any of the plurality of stored electronic signatures includes calculating a trust score based at least in part upon which ones of the plurality of received attributes match stored attributes associated with individual stored electronic signatures;
  
  wherein calculating the trust score includes applying different weights to different ones of the plurality of received attributes; and
  
  wherein the trust score is calculated based upon (a) a sum of weights of received attributes that match stored attributes, (b) a sum of weights of received attributes not matching the stored attributes, and (c) a sum of the weights of received attributes matching and not matching the stored attributes.
- View Dependent Claims (4)
- - 4. The authentication system of claim 3, wherein the trust score is calculated based upon (a) a sum of all the weights of received attributes that match stored attributes, (b) a sum of all the weights of received attributes not matching the stored attributes, and (c) a sum of all the weights of received attributes matching and not matching the stored attributes.

5. An authentication system for electronic transactions occurring over a computerized network, the system comprising:
- a transaction authentication system interface operatively coupled to the computerized network for receiving proposed transaction information over the computerized network;
  
  a user information database; and
  
  a transaction authentication tool, operatively coupled to the transaction authentication system interface and to the user information database and configured to perform the steps of;
  
  receiving a received electronic signature representation of a user from the transaction authentication system interface, the received electronic signature including a plurality of received attributes associated with a user'"'"'s identity and associated with a first entity taken from the group consisting of a first merchant, a first bank and a first payment processor;
  
  receiving information pertaining to a proposed transaction associated with the received electronic signature; and
  
  determining whether the received electronic signature correlates with any of a plurality of electronic signatures stored in the user information database by comparing the plurality of received attributes of the received electronic signature to a plurality of stored attributes associated with the plurality of stored electronic signatures;
  
  wherein at least one of the plurality of stored electronic signatures are associated with a second entity, different from the first entity, taken from the group consisting of a second merchant, a second bank and a second payment processor;
  
  wherein the plurality of received attributes and the plurality of stored attributes include;
  
  browser fingerprint attributes associated with an individual'"'"'s browser, the browser fingerprint attributes including two or more attributes taken from the group consisting of (i) operating system identity, (ii) screen resolution, (iii) software plug-ins, (iv) time zone, (v) system language, (vi) information pertaining to whether Java is enabled, (vii) information pertaining to whether cookies are enabled, (viii) information pertaining to sites visited by a user'"'"'s computer, and (ix) information pertaining to social network friends of a user; and
  
  computer fingerprint attributes associated with an individual'"'"'s computer, the computer fingerprint attributes including a plurality of attributes taken from the group consisting of (i) processor characteristics, (ii) machine memory size, (iii) values loaded at predetermined locations in the individual'"'"'s computer, (iv) values loaded into a registry in an operating system of the individual'"'"'s computer, (v) Ethernet MAC address, (vi) network information, (vii) programs loaded onto the individual'"'"'s computer, and (viii) log files in the individual'"'"'s computer;
  
  wherein determining whether the received electronic signature correlates with any of the plurality of stored electronic signatures includes determining which ones of the plurality of received attributes match stored attributes associated with individual stored electronic signatures;
  
  wherein determining whether the received electronic signature correlates with any of the plurality of stored electronic signatures includes calculating a trust score based at least in part upon which ones of the plurality of received attributes match stored attributes associated with individual stored electronic signatures;
  
  wherein calculating the trust score includes applying different weights to different ones of the plurality of received attributes; and
  
  wherein the trust score is calculated based upona which is a sum of weights of received attributes that match stored attributes,b which is a sum of weights of received attributes not matching the stored attributes,c which is a sum of weights of received attributes not compared with stored attributes, andd which is a sum of the weights of received attributes matching, not matching and not compared with the stored attributes.
- View Dependent Claims (6)
- - 6. The authentication system of claim 5, wherein the trust score is calculated from the following equation:
    - (a²−
      
      (b*2)−
      
      c)*1000/d².

7. A method for authenticating an electronic transaction received at a transaction authentication system interface, the method comprising the steps of:
- receiving, from a transaction authentication system interface, a request to utilize a payment instrument in a transaction;
  
  receiving, from the transaction authentication system interface, information pertaining to the payment instrument, information pertaining to a user computer system used to initiate the transaction, and a collected electronic signature representation of a user including attributes associated with the user computer system;
  
  determining an indication of (a) a match score between the collected electronic signature representation of the user associated with the user computer system and an electronic signature stored in the user information database to establish a user identity, (b) whether the payment instrument matches a payment instrument stored in the user information database, (c) whether the user computer system matches a computer identification stored in the user information database, (d) whether the user identity, the user computer system and the payment instrument have been previously used together, and (e) whether the user identity, the user computer system and the payment instrument all have transaction reputations of a predetermined category; and
  
  transmitting;
  
  (w) an indication that the transaction be rejected if it is determined that the at least one of the user identity, the user computer system and the payment instrument does not have transaction reputations of the predetermined category,(x) an indication that the transaction be subject to scrutiny of a first predetermined level if it is determined that the match score is above a threshold,the payment instrument is known, and matches a payment instrument stored in the user information database,the user computer system is known, matches a computer identification stored in the user information database,the user identity, the user computer system and the payment instrument have been previously used together, andthe user identity, the user computer system and the payment instrument all have transaction reputations of the predetermined category,(y) an indication that the transaction be subject to scrutiny of the first predetermined level if it is determined thatthe match score is below the threshold,the payment instrument matches a payment instrument stored in the user information database,the user computer system is known, matches a computer identification stored in the user information database,the user identity, the user computer system and the payment instrument have been previously used together, andthe user identity, the user computer system and the payment instrument all have transaction reputations of the predetermined category, and(z) an indication that the transaction be subject to scrutiny of a second predetermined level if none of (w), (x) and (y) are satisfied;
  
  wherein electronic signatures collected and stored in the user information database include at least one of;
  
  browser fingerprint attributes associated with an individual'"'"'s browser, where the browser fingerprint attributes include two or more attributes taken from the group consisting of;
  
  (i) operating system identity,(ii) screen resolution,(iii) software plug-ins,(iv) time zone,(v) system language,(vi) information pertaining to whether Java is enabled,(vii) information pertaining to whether cookies are enabled,(viii) information pertaining to sites visited by a user'"'"'s computer, and(ix) information pertaining to social network friends of a user; and
  
  computer fingerprint attributes associated with an individual'"'"'s computer, where the computer fingerprint attributes include a plurality of attributes taken from the group consisting of;
  
  (i) processor characteristics,(ii) machine memory size,(iii) values loaded at predetermined locations in the individual'"'"'s computer,(iv) values loaded into a registry in an operating system of the individual'"'"'s computer,(v) Ethernet MAC address,(vi) network information,(vii) programs loaded onto the individual'"'"'s computer, and(viii) log files in the individual'"'"'s computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Acuant Inc. (GB Group Plc)
Original Assignee
IDM Global, Inc.
Inventors
Kolkowitz, Dan, Elgamal, Taher, Sherlock, Kieran Gerard
Primary Examiner(s)
Wong, Eric T

Application Number

US12/776,784
Publication Number

US 20100293094A1
Time in Patent Office

2,353 Days
Field of Search

705/39
US Class Current

1/1
CPC Class Codes

G06Q 20/3821   Electronic credentials

G06Q 20/3825   Use of electronic signatures

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4014   Identity check for transact...

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/405   Establishing or using trans...

G06Q 50/01   Social networking

Transaction assessment and/or authentication

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

80 Citations

7 Claims

Specification

Use Cases

Quick Links

Others

Transaction assessment and/or authentication

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

80 Citations

7 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others